Thoughts about ipv6 white listing
George Bonser
gbonser at seven.com
Sat Dec 4 12:07:36 CET 2010
> > Also, it might be that the recursive DNS server they are using over
> > IPv4
> > transport has IPv6 connectivity. As such the DNS request comes in
> over
> > IPv6 while the end user was using IPv4.
>
> Then the end user would not have requested an AAAA record, it would
> have requested an A record. If the client had no IPv6 it will not
> request an AAAA record. If a request comes in on v6 for an A record,
> they will get the A record.
To clarify ... a request arriving on v6 can get an A or an AAAA record.
A request arriving on v4 will get only an A record.
Clients on v4 with a v6 dns server will show up asking for an A record over v6. That request will be answered if there is an A record for the resource.
Clients on v6 with a v4 dns server will show up on v4 asking for an AAAA record. That request will receive NOERROR and will fall back to v4
Clients on v6 with a v6 DNS server where the server can reach me but the client cannot reach me need to break so the problem can be fixed.
More information about the ipv6-ops
mailing list